CVE-2022-26071 - Use of Insufficiently Random Values

Severity

75%

Complexity

39%

Confidentiality

60%

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, a flaw in the way reply ICMP packets are limited in the Traffic Management Microkernel (TMM) allows an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

CVSS 3.1 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N).

Demo Examples

Use of Insufficiently Random Values

CWE-330

This code generates a unique random identifier for a user's session.


               
}
return rand();

Because the seed for the PRNG is always the user's ID, the session ID will always be the same. An attacker could thus predict any user's session ID and potentially hijack the session.

This example also exhibits a Small Seed Space (CWE-339).

Use of Insufficiently Random Values

CWE-330

The following code uses a statistical PRNG to create a URL for a receipt that remains active for some period of time after a purchase.


               
}
return(baseUrl + ranGen.nextInt(400000000) + ".html");

This code uses the Random.nextInt() function to generate "unique" identifiers for the receipt pages it generates. Because Random.nextInt() is a statistical PRNG, it is easy for an attacker to guess the strings it generates. Although the underlying design of the receipt system is also faulty, it would be more secure if it used a random number generator that did not produce predictable receipt identifiers, such as a cryptographic PRNG.

Overview

Type

F5

First reported 3 years ago

2022-05-05 17:15:00

Last updated 3 years ago

2022-05-16 12:31:00

Affected Software

F5 Networks BIG-IP Local Traffic Manager 11.6.1

11.6.1

F5 Big-IP Local Traffic Manager (LTM) 12.1.2

12.1.2

F5 BIG-IP Advanced Firewall Manager (AFM) 12.1.0

12.1.0

F5 Big-IP Access Policy Manager (APM) 12.1.2

12.1.2

F5 Networks BIG-IP Global Traffic Manager 11.6.1

11.6.1

F5 Big-IP Domain Name System (DNS) 12.1.2

12.1.2

F5 BIG-IP Policy Enforcement Manager (PEM) 12.1.1

12.1.1

F5 Big-IP Policy Enforcement Manager (PEM) 12.1.2

12.1.2

F5 Big-IP Advanced Firewall Manager (AFM) 12.1.2

12.1.2

F5 BIG-IP Application Security Manager (ASM) 12.1.1

12.1.1

F5 BIG-IP Access Policy Manager (APM) 12.1.0

12.1.0

F5 BIG-IP Access Policy Manager (APM) 12.1.1

12.1.1

F5 Networks BIG-IP Advanced Firewall Manager 11.6.1

11.6.1

F5 BIG-IP Advanced Firewall Manager (AFM) 12.1.1

12.1.1

F5 Networks BIG-IP Analytics 11.6.1

11.6.1

F5 BIG-IP Analytics 12.1.0

12.1.0

F5 Big-IP Analytics 12.1.2

12.1.2

F5 Networks BIG-IP Application Acceleration Manager 11.6.1

11.6.1

F5 Networks BIG-IP Application Acceleration Manager 12.1.0

12.1.0

F5 BIG-IP Application Acceleration Manager (AAM) 12.1.1

12.1.1

F5 Big-IP Application Acceleration Manager (AAM) 12.1.2

12.1.2

F5 Networks BIG-IP Application Security Manager 11.6.1

11.6.1

F5 BIG-IP Application Security Manager (ASM) 12.1.0

12.1.0

F5 BIG-IP Domain Name System (DNS) 12.1.0

12.1.0

F5 Networks BIG-IP Link Controller 11.6.1

11.6.1

F5 BIG-IP Link Controller 12.1.0

12.1.0

F5 BIG-IP Link Controller 12.1.1

12.1.1

F5 Big-IP Link Controller 12.1.2

12.1.2

F5 BIG-IP Local Traffic Manager (LTM) 12.1.0

12.1.0

F5 Networks BIG-IP Policy Enforcement Manager 11.6.1

11.6.1

F5 Networks BIG-IP Access Policy Manager 11.6.1

11.6.1

F5 Big-IP Access Policy Manager (APM) 13.1.0

13.1.0

F5 BIG-IP Access Policy Manager (APM) 14.1.0

14.1.0

F5 Big-IP Advanced Firewall Manager (AFM) 13.1.0

13.1.0

F5 BIG-IP Advanced Firewall Manager 14.1.0

14.1.0

F5 BIG-IP Advanced Firewall Manager (AFM) 15.1.0

15.1.0

F5 BIG-IP Analytics 12.1.1

12.1.1

F5 Big-IP Analytics 13.1.0

13.1.0

F5 BIG-IP Analytics 14.1.0

14.1.0

F5 Big-IP Application Acceleration Manager (AAM) 13.1.0

13.1.0

F5 BIG-IP Application Acceleration Manager 14.1.0

14.1.0

F5 BIG-IP Application Acceleration Manager (AAM) 15.1.0

15.1.0

F5 Big-IP Application Security Manager (ASM) 12.1.2

12.1.2

F5 Big-IP Application Security Manager (ASM) 13.1.0

13.1.0

F5 BIG-IP Application Security Manager 14.1.0

14.1.0

F5 BIG-IP Domain Name System 11.6.1

11.6.1

F5 BIG-IP Domain Name System (DNS) 12.1.1

12.1.1

F5 Big-IP Domain Name System (DNS) 13.1.0

13.1.0

F5 BIG-IP Domain Name System 14.1.0

14.1.0

F5 Big-IP Fraud Protection Service (FPS) 11.6.1

11.6.1

F5 Big-IP Fraud Protection Service (FPS) 12.1.0

12.1.0

F5 Big-IP Fraud Protection Service (FPS) 13.1.0

13.1.0

F5 BIG-IP Fraud Protection Service 14.1.0

14.1.0

F5 BIG-IP Global Traffic Manager 12.1.0

12.1.0

F5 BIG-IP Global Traffic Manager 12.1.1

12.1.1

F5 BIG-IP Global Traffic Manager 12.1.2

12.1.2

F5 Big-IP Global Traffic Manager (GTM) 13.1.0

13.1.0

F5 BIG-IP Global Traffic Manager 14.1.0

14.1.0

F5 Big-IP Link Controller 13.1.0

13.1.0

F5 BIG-IP Link Controller 14.1.0

14.1.0

F5 BIG-IP Local Traffic Manager (LTM) 12.1.1

12.1.1

F5 Big-IP Local Traffic Manager (LTM) 13.1.0

13.1.0

F5 BIG-IP Local Traffic Manager 14.1.0

14.1.0

F5 BIG-IP Local Traffic Manager (LTM) 15.1.0

15.1.0

F5 Networks BIG-IP Policy Enforcement Manager (PEM) 11.6.2

11.6.2

F5 BIG-IP Policy Enforcement Manager (PEM) 12.1.0

12.1.0

F5 Networks BIG-IP Policy Enforcement Manager (PEM) 12.1.3

12.1.3

F5 Big-IP Policy Enforcement Manager (PEM) 13.1.0

13.1.0

F5 BIG-IP Policy Enforcement Manager 14.1.0

14.1.0

F5 BIG-IP Policy Enforcement Manager (PEM) 15.1.0

15.1.0

F5 Big-IP Access Policy Manager (APM) 11.6.2

11.6.2

F5 Big-IP Access Policy Manager (APM) 11.6.3

11.6.3

F5 BIG-IP Access Policy Manager (APM) 11.6.4

11.6.4

F5 Big-IP Access Policy Manager (APM) 11.6.5

11.6.5

F5 Big-IP Access Policy Manager (APM) 12.1.3

12.1.3

F5 BIG-IP Access Policy Manager (APM) 12.1.4

12.1.4

F5 Big-IP Access Policy Manager (APM) 12.1.5

12.1.5

F5 Big-IP Access Policy Manager (APM) 13.1.1

13.1.1

F5 BIG-IP Access Policy Manager (APM) 13.1.3

13.1.3

F5 Big-IP Access Policy Manager (APM) 14.1.2

14.1.2

F5 BIG-IP Access Policy Manager (APM) 15.1.0

15.1.0

F5 Big-IP Advanced Firewall Manager (AFM) 11.6.2

11.6.2

F5 Big-IP Advanced Firewall Manager (AFM) 11.6.3

11.6.3

F5 BIG-IP Advanced Firewall Manager (AFM) 11.6.4

11.6.4

F5 Big-IP Advanced Firewall Manager (AFM) 11.6.5

11.6.5

F5 Big-IP Advanced Firewall Manager (AFM) 12.1.3

12.1.3

F5 BIG-IP Advanced Firewall Manager 12.1.4

12.1.4

F5 Big-IP Advanced Firewall Manager (AFM) 12.1.5

12.1.5

F5 Big-IP Advanced Firewall Manager (AFM) 13.1.1

13.1.1

F5 Big-IP Advanced Firewall Manager (AFM) 13.1.3

13.1.3

F5 Big-IP Advanced Firewall Manager (AFM) 14.1.2

14.1.2

F5 BIG-IP Analytics 15.1.0

15.1.0

F5 BIG-IP Application Security Manager (ASM) 15.1.0

15.1.0

F5 BIG-IP Domain Name System (DNS) 15.1.0

15.1.0

F5 BIG-IP Fraud Protection Service (FPS) 15.1.0

15.1.0

F5 BIG-IP Global Traffic Manager (GTM) 15.1.0

15.1.0

F5 BIG-IP Link Controller 15.1.0

15.1.0

F5 Big-IP Analytics 11.6.2

11.6.2

F5 Big-IP Analytics 11.6.3

11.6.3

F5 BIG-IP Analytics 11.6.4

11.6.4

F5 Big-IP Analytics 11.6.5

11.6.5

F5 Big-IP Analytics 12.1.3

12.1.3

F5 BIG-IP Analytics 12.1.4

12.1.4

F5 Big-IP Analytics 12.1.5

12.1.5

F5 Big-IP Analytics 13.1.1

13.1.1

F5 Big-IP Analytics 13.1.3

13.1.3

F5 Big-IP Analytics 14.1.2

14.1.2

F5 Big-IP Application Acceleration Manager (AAM) 11.6.2

11.6.2

F5 Big-IP Application Acceleration Manager (AAM) 11.6.3

11.6.3

F5 BIG-IP Application Acceleration Manager (AAM) 11.6.4

11.6.4

F5 Big-IP Application Acceleration Manager (AAM) 11.6.5

11.6.5

F5 Big-IP Application Acceleration Manager (AAM) 12.1.3

12.1.3

F5 BIG-IP Application Acceleration Manager 12.1.4

12.1.4

F5 Big-IP Application Acceleration Manager (AAM) 12.1.5

12.1.5

F5 Big-IP Application Acceleration Manager (AAM) 13.1.1

13.1.1

F5 Big-IP Application Acceleration Manager (AAM) 13.1.3

13.1.3

F5 Big-IP Application Acceleration Manager (AAM) 14.1.2

14.1.2

F5 Big-IP Application Security Manager (ASM) 11.6.2

11.6.2

F5 Big-IP Application Security Manager (ASM) 11.6.3

11.6.3

F5 BIG-IP Application Security Manager (ASM) 11.6.4

11.6.4

F5 Big-IP Application Security Manager (ASM) 11.6.5

11.6.5

F5 Big-IP Application Security Manager (ASM) 12.1.3

12.1.3

F5 BIG-IP Application Security Manager 12.1.4

12.1.4

F5 Big-IP Application Security Manager (ASM) 12.1.5

12.1.5

F5 Big-IP Application Security Manager (ASM) 13.1.1

13.1.1

F5 Big-IP Application Security Manager (ASM) 13.1.3

13.1.3

F5 Big-IP Application Security Manager (ASM) 14.1.2

14.1.2

F5 Big-IP Fraud Protection Service (FPS) 13.1.1

13.1.1

F5 Big-IP Fraud Protection Service (FPS) 13.1.3

13.1.3

F5 Big-IP Fraud Protection Service (FPS) 14.1.2

14.1.2

F5 Big-IP Global Traffic Manager (GTM) 11.6.2

11.6.2

F5 Big-IP Global Traffic Manager (GTM) 11.6.3

11.6.3

F5BIG-IP Global Traffic Manager (GTM) 11.6.4

11.6.4

F5 Big-IP Global Traffic Manager (GTM) 11.6.5

11.6.5

F5 Big-IP Global Traffic Manager (GTM) 12.1.3

12.1.3

F5 BIG-IP Global Traffic Manager 12.1.4

12.1.4

F5 Big-IP Global Traffic Manager (GTM) 12.1.5

12.1.5

F5 Big-IP Global Traffic Manager (GTM) 13.1.1

13.1.1

F5 Big-IP Global Traffic Manager (GTM) 13.1.3

13.1.3

F5 Big-IP Global Traffic Manager (GTM) 14.1.2

14.1.2

F5 Big-IP Link Controller 11.6.2

11.6.2

F5 Big-IP Link Controller 11.6.3

11.6.3

F5 BIG-IP Link Controller 11.6.4

11.6.4

F5 Big-IP Link Controller 11.6.5

11.6.5

F5 Big-IP Link Controller 12.1.3

12.1.3

F5 BIG-IP Link Controller 12.1.4

12.1.4

F5 Big-IP Link Controller 12.1.5

12.1.5

F5 Big-IP Link Controller 13.1.1

13.1.1

F5 Big-IP Link Controller 13.1.3

13.1.3

F5 Big-IP Link Controller 14.1.2

14.1.2

F5 Big-IP Local Traffic Manager (LTM) 11.6.2

11.6.2

F5 Big-IP Local Traffic Manager (LTM) 11.6.3

11.6.3

F5 BIG-IP Local Traffic Manager (LTM) 11.6.4

11.6.4

F5 Big-IP Local Traffic Manager (LTM) 11.6.5

11.6.5

F5 Big-IP Local Traffic Manager (LTM) 12.1.3

12.1.3

F5 BIG-IP Local Traffic Manager 12.1.4

12.1.4

F5 Big-IP Local Traffic Manager (LTM) 12.1.5

12.1.5

F5 Big-IP Local Traffic Manager (LTM) 13.1.1

13.1.1

F5 BIG-IP Local Traffic Manager (LTM) 13.1.3

13.1.3

F5 BIG-IP Local Traffic Manager (LTM) 14.1.2

14.1.2

F5 Big-IP Policy Enforcement Manager (PEM) 11.6.3

11.6.3

F5 BIG-IP Policy Enforcement Manager (PEM) 11.6.4

11.6.4

F5 Big-IP Policy Enforcement Manager (PEM) 11.6.5

11.6.5

F5 BIG-IP Policy Enforcement Manager 12.1.4

12.1.4

F5 Big-IP Policy Enforcement Manager (PEM) 12.1.5

12.1.5

F5 Big-IP Policy Enforcement Manager (PEM) 13.1.1

13.1.1

F5 Big-IP Policy Enforcement Manager (PEM) 13.1.3

13.1.3

F5 Big-IP Policy Enforcement Manager (PEM) 14.1.2

14.1.2

F5 Big-IP Domain Name System (DNS) 11.6.2

11.6.2

F5 Big-IP Domain Name System (DNS) 11.6.3

11.6.3

F5 BIG-IP Domain Name System (DNS) 11.6.4

11.6.4

F5 Big-IP Domain Name System (DNS) 11.6.5

11.6.5

F5 Big-IP Domain Name System (DNS) 12.1.3

12.1.3

F5 BIG-IP Domain Name System 12.1.4

12.1.4

F5 Big-IP Domain Name System (DNS) 12.1.5

12.1.5

F5 Big-IP Domain Name System (DNS) 13.1.1

13.1.1

F5 Big-IP Domain Name System (DNS) 13.1.3

13.1.3

F5 Big-IP Domain Name System (DNS) 14.1.2

14.1.2

F5 Big-IP Fraud Protection Service (FPS) 11.6.2

11.6.2

F5 Big-IP Fraud Protection Service (FPS) 11.6.3

11.6.3

F5 BIG-IP Fraud Protection Service (FPS) 11.6.4

11.6.4

F5 Big-IP Fraud Protection Service (FPS) 11.6.5

11.6.5

F5 Big-IP Fraud Protection Service (FPS) 12.1.1

12.1.1

F5 Big-IP Fraud Protection Service (FPS) 12.1.2

12.1.2

F5 Big-IP Fraud Protection Service (FPS) 12.1.3

12.1.3

F5 BIG-IP Fraud Protection Service (FPS) 12.1.4

12.1.4

F5 Big-IP Fraud Protection Service (FPS) 12.1.5

12.1.5

References

https://support.f5.com/csp/article/K41440465

https://support.f5.com/csp/article/K41440465

Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.